Book Image

Ansible Playbook Essentials

By : Gourav Shah, GOURAV JAWAHAR SHAH
Book Image

Ansible Playbook Essentials

By: Gourav Shah, GOURAV JAWAHAR SHAH

Overview of this book

Ansible Playbook Essentials will show you how to write a blueprint of your infrastructure, encompassing multitier applications using Ansible's playbooks. Beginning with basic concepts such as plays, tasks, handlers, inventory, and YAML Ain't Markup Language (YAML) syntax that Ansible uses, you'll understand how to organize your code into a modular structure. Building on this, you will study techniques to create data-driven playbooks with variables, templates, logical constructs, and encrypted data, which will further strengthen your application skills in Ansible. Adding to this, the book will also take you through advanced clustering concepts, such as discovering topology information about other nodes in the cluster and managing multiple environments with isolated configurations. As you approach the concluding chapters, you can expect to learn about orchestrating infrastructure and deploying applications in a coordinated manner. By the end of this book, you will be able to design solutions to your automation and orchestration problems using playbooks quickly and efficiently.

Related Content you might be interested in

Current Title:

Small book image
Ansible Playbook Essentials
Gourav Shah | GOURAV JAWAHAR SHAH
Aug, 2015 | 168 pages
No titles found
Table of Contents (20 chapters)
Ansible Playbook Essentials
Ansible Playbook Essentials
Credits
Credits
About the Author
About the Author
Acknowledgments
Acknowledgments
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Setting Up the Learning Environment
Setting Up the Learning Environment
Free Chapter
1
Blueprinting Your Infrastructure
Blueprinting Your Infrastructure
Getting introduced to Ansible
Plays
Our first playbook
Review questions
Summary
2
Going Modular with Ansible Roles
Going Modular with Ansible Roles
Understanding roles
Naming roles
The directory layout for roles
Creating a site-wide playbook, nesting, and using include statements
Creating the www playbook
Creating a base role
Creating an Nginx role
Automating events and actions with handlers
Adding pre-tasks and post-tasks to playbooks
Running playbooks with roles
Review questions
Summary
3
Separating Code and Data – Variables, Facts, and Templates
Separating Code and Data – Variables, Facts, and Templates
Static content explosion
Separating code and data
Jinja2 templates
Facts and variables
Templating the Nginx configurations
Adding another layer – the MySQL role
Variable precedence
The best practices for variable usage
Review questions
Summary
4
Bringing In Your Code – Custom Commands and Scripts
Bringing In Your Code – Custom Commands and Scripts
The command modules
Deploying a WordPress application – a hands-on approach
Review questions
Summary
5
Controlling Execution Flow – Conditionals
Controlling Execution Flow – Conditionals
The conditional control structure
Refactoring the MySQL role
Conditional control structure in Jinja2 templates
Running a task only once
Executing roles conditionally
Review questions
Summary
6
Iterative Control Structures – Loops
Iterative Control Structures – Loops
The omnipotent with statement
Configuring WordPress requisites
The PHP5-FPM role
Creating MySQL databases and user accounts
Creating Nginx virtual hosts
Review questions
Summary
7
Node Discovery and Clustering
Node Discovery and Clustering
Node discovery with magic variables
Creating the load balancer role
Accessing facts for non-playbook hosts
Review questions
Summary
8
Encrypting Data with Vault
Encrypting Data with Vault
Ansible-vault
Using the Ansible-vault
Encrypting the database credentials
Using a password file
Adding the vault password file option to the Ansible configuration
Review questions
Summary
9
Managing Environments
Managing Environments
Approaches for managing environments
Creating a development environment
Review questions
Summary
10
Orchestrating Infrastructure with Ansible
Orchestrating Infrastructure with Ansible
Ansible as an orchestrator
Tagging the roles
Creating an orchestration playbook for WordPress
Review questions
Summary
References
References
Index
Index

Encrypting the database credentials

Earlier while creating database users, we provided the passwords as plain text in group_vars. This can be a potential threat, especially when checked into a version control repository. Let's encrypt it. We will use the encrypt subcommand as we already have a variables file.

Since we are using the group_vars group to provide database credentials, we will encrypt the group_vars/all file as follows:

$ ansible-vault encrypt group_vars/all
Vault password:
Confirm Vault password:
Encryption successful

For encryption, Ansible-vault asks for a password or key to be entered by the user. Using this key, the vault encrypts the data and replaces the file with the encrypted content. The following diagram shows the plain text content on the left and the equivalent encrypted content on the right for the group_vars/all file:

This file now can be safely checked into a version control system and shared. However, the following are the caveats users should be aware of:

  • Unlike...

Previous Section
End of Section 4
Next Section